Mercurial > prosody-modules
annotate mod_register_json/register_json/mod_register_json.lua @ 5406:b86d80e21c60
mod_http_oauth2: Validate consistency of response and grant types
Ensure that these correlated fields make sense per RFC 7591 ยง 2.1, even
though we currently only check the response type during authorization.
This could probably all be deleted if (when!) we remove the implicit
grant, since then these things don't make any sense anymore.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Tue, 02 May 2023 16:34:31 +0200 |
parents | 7dbde05b48a9 |
children |
rev | line source |
---|---|
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
1 -- Expose a simple token based servlet to handle user registrations from web pages |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
2 -- through Base64 encoded JSON. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
3 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
4 -- Copyright (C) 2010 - 2013, Marco Cirillo (LW.Org) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
5 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
6 local datamanager = datamanager |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
7 local b64_decode = require "util.encodings".base64.decode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
8 local b64_encode = require "util.encodings".base64.encode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
9 local http_event = require "net.http.server".fire_event |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
10 local jid_prep = require "util.jid".prep |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
11 local jid_split = require "util.jid".split |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
12 local json_decode = require "util.json".decode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
13 local nodeprep = require "util.encodings".stringprep.nodeprep |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
14 local open, os_time, setmt, type = io.open, os.time, setmetatable, type |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
15 local sha1 = require "util.hashes".sha1 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
16 local urldecode = http.urldecode |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
17 local usermanager = usermanager |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
18 local uuid_gen = require "util.uuid".generate |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
19 local timer = require "util.timer" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
20 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
21 module:depends("http") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
22 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
23 -- Pick up configuration and setup stores/variables. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
24 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
25 local auth_token = module:get_option_string("reg_servlet_auth_token") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
26 local secure = module:get_option_boolean("reg_servlet_secure", true) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
27 local base_path = module:get_option_string("reg_servlet_base", "/register_account/") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
28 local throttle_time = module:get_option_number("reg_servlet_ttime", nil) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
29 local whitelist = module:get_option_set("reg_servlet_wl", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
30 local blacklist = module:get_option_set("reg_servlet_bl", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
31 local fm_patterns = module:get_option("reg_servlet_filtered_mails", {}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
32 if type(fm_patterns) ~= "table" then fm_patterns = {} end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
33 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
34 local files_base = module.path:gsub("/[^/]+$","") .. "/template/" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
35 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
36 local recent_ips = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
37 local pending = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
38 local pending_node = {} |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
39 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
40 -- Setup hashes data structure |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
41 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
42 hashes = { _index = {} } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
43 local hashes_mt = {} ; hashes_mt.__index = hashes_mt |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
44 function hashes_mt:add(node, mail) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
45 local _hash = b64_encode(sha1(mail)) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
46 if not self:exists(_hash) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
47 self[_hash] = node ; self._index[node] = _hash ; self:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
48 return true |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
49 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
50 return false |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
51 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
52 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
53 function hashes_mt:exists(hash) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
54 if hashes[hash] then return true else return false end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
55 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
56 function hashes_mt:remove(node) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
57 local _hash = self._index[node] |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
58 if _hash then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
59 self[_hash] = nil ; self._index[node] = nil ; self:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
60 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
61 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
62 function hashes_mt:save() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
63 if not datamanager.store("register_json", module.host, "hashes", hashes) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
64 module:log("error", "Failed to save the mail addresses' hashes store.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
65 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
66 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
67 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
68 local function check_mail(address) |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
69 for _, pattern in ipairs(fm_patterns) do |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
70 if address:match(pattern) then return false end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
71 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
72 return true |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
73 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
74 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
75 -- Begin |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
76 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
77 local function handle(code, message) return http_event("http-error", { code = code, message = message }) end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
78 local function http_response(event, code, message, headers) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
79 local response = event.response |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
80 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
81 if headers then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
82 for header, data in pairs(headers) do response.headers[header] = data end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
83 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
84 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
85 response.status_code = code |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
86 response:send(handle(code, message)) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
87 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
88 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
89 local function handle_req(event) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
90 local request = event.request |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
91 if secure and not request.secure then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
92 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
93 if request.method ~= "POST" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
94 return http_response(event, 405, "Bad method.", {["Allow"] = "POST"}) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
95 end |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
96 |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
97 local req_body |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
98 -- We check that what we have is valid JSON wise else we throw an error... |
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
99 if not pcall(function() req_body = json_decode(b64_decode(request.body)) end) then |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
100 module:log("debug", "Data submitted for user registration by %s failed to Decode.", user) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
101 return http_response(event, 400, "Decoding failed.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
102 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
103 -- Decode JSON data and check that all bits are there else throw an error |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
104 if req_body["username"] == nil or req_body["password"] == nil or req_body["ip"] == nil or req_body["mail"] == nil or |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
105 req_body["auth_token"] == nil then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
106 module:log("debug", "%s supplied an insufficent number of elements or wrong elements for the JSON registration", user) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
107 return http_response(event, 400, "Invalid syntax.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
108 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
109 -- Set up variables |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
110 local username, password, ip, mail, token = req_body.username, req_body.password, req_body.ip, req_body.mail, req_body.auth_token |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
111 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
112 -- Check if user is an admin of said host |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
113 if token ~= auth_token then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
114 module:log("warn", "%s tried to retrieve a registration token for %s@%s", request.ip, username, module.host) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
115 return http_response(event, 401, "Auth token is invalid! The attempt has been logged.") |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
116 else |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
117 -- Blacklist can be checked here. |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
118 if blacklist:contains(ip) then |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
119 module:log("warn", "Attempt of reg. submission to the JSON servlet from blacklisted address: %s", ip) |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
120 return http_response(event, 403, "The specified address is blacklisted, sorry.") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
121 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
122 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
123 if not check_mail(mail) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
124 module:log("warn", "%s attempted to use a mail address (%s) matching one of the forbidden patterns.", ip, mail) |
992
794817421fc6
mod_register_json: added missing parameter to some http_response calls.
Marco Cirillo <maranda@lightwitch.org>
parents:
991
diff
changeset
|
125 return http_response(event, 403, "Requesting to register using this E-Mail address is forbidden, sorry.") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
126 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
127 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
128 -- We first check if the supplied username for registration is already there. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
129 -- And nodeprep the username |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
130 username = nodeprep(username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
131 if not username then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
132 module:log("debug", "An username containing invalid characters was supplied: %s", req_body["username"]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
133 return http_response(event, 406, "Supplied username contains invalid characters, see RFC 6122.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
134 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
135 if pending_node[username] then |
995
716a2b9cc18d
mod_register_json: fix logging message for already pending registrations' bounces.
Marco Cirillo <maranda@lightwitch.org>
parents:
992
diff
changeset
|
136 module:log("warn", "%s attempted to submit a registration request but another request for that user (%s) is pending", ip, username) |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
137 return http_response(event, 401, "Another user registration by that username is pending.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
138 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
139 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
140 if not usermanager.user_exists(username, module.host) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
141 -- if username fails to register successive requests shouldn't be throttled until one is successful. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
142 if throttle_time and not whitelist:contains(ip) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
143 if not recent_ips[ip] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
144 recent_ips[ip] = os_time() |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
145 else |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
146 if os_time() - recent_ips[ip] < throttle_time then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
147 recent_ips[ip] = os_time() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
148 module:log("warn", "JSON Registration request from %s has been throttled.", req_body["ip"]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
149 return http_response(event, 503, "Request throttled, wait a bit and try again.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
150 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
151 recent_ips[ip] = os_time() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
152 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
153 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
154 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
155 local uuid = uuid_gen() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
156 if not hashes:add(username, mail) then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
157 module:log("warn", "%s (%s) attempted to register to the server with an E-Mail address we already possess the hash of.", username, ip) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
158 return http_response(event, 409, "The E-Mail Address provided matches the hash associated to an existing account.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
159 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
160 pending[uuid] = { node = username, password = password, ip = ip } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
161 pending_node[username] = uuid |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
162 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
163 timer.add_task(300, function() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
164 if pending[uuid] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
165 pending[uuid] = nil |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
166 pending_node[username] = nil |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
167 hashes:remove(username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
168 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
169 end) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
170 module:log("info", "%s (%s) submitted a registration request and is awaiting final verification", username, uuid) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
171 return uuid |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
172 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
173 module:log("debug", "%s registration data submission failed (user already exists)", username) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
174 return http_response(event, 409, "User already exists.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
175 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
176 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
177 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
178 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
179 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
180 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
181 local function open_file(file) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
182 local f, err = open(file, "rb"); |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
183 if not f then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
184 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
185 local data = f:read("*a") ; f:close() |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
186 return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
187 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
188 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
189 local function r_template(event, type) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
190 local data = open_file(files_base..type.."_t.html") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
191 if data then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
192 data = data:gsub("%%REG%-URL", base_path.."verify/") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
193 return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
194 else return http_response(event, 500, "Failed to obtain template.") end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
195 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
196 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
197 local function handle_verify(event, path) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
198 local request = event.request |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
199 local body = request.body |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
200 if secure and not request.secure then return nil end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
201 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
202 local valid_files = { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
203 ["css/style.css"] = files_base.."css/style.css", |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
204 ["images/tile.png"] = files_base.."images/tile.png", |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
205 ["images/header.png"] = files_base.."images/header.png" |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
206 } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
207 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
208 if request.method == "GET" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
209 if path == "" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
210 return r_template(event, "form") |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
211 end |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
212 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
213 if valid_files[path] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
214 local data = open_file(valid_files[path]) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
215 if data then return data |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
216 else return http_response(event, 404, "Not found.") end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
217 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
218 elseif request.method == "POST" then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
219 if path == "" then |
991
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
220 if not body then return http_response(event, 400, "Bad Request.") end |
929dcf3c4bcb
mod_register_json: small code cleanup & optimization.
Marco Cirillo <maranda@lightwitch.org>
parents:
989
diff
changeset
|
221 local uuid = urldecode(body):match("^uuid=(.*)$") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
222 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
223 if not pending[uuid] then |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
224 return r_template(event, "fail") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
225 else |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
226 local username, password, ip = |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
227 pending[uuid].node, pending[uuid].password, pending[uuid].ip |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
228 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
229 local ok, error = usermanager.create_user(username, password, module.host) |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
230 if ok then |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
231 module:fire_event( |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
232 "user-registered", |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
233 { username = username, host = module.host, source = "mod_register_json", session = { ip = ip } } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
234 ) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
235 module:log("info", "Account %s@%s is successfully verified and activated", username, module.host) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
236 -- we shall not clean the user from the pending lists as long as registration doesn't succeed. |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
237 pending[uuid] = nil ; pending_node[username] = nil |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
238 return r_template(event, "success") |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
239 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
240 module:log("error", "User creation failed: "..error) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
241 return http_response(event, 500, "Encountered server error while creating the user: "..error) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
242 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
243 end |
1343
7dbde05b48a9
all the things: Remove trailing whitespace
Florian Zeitz <florob@babelmonkeys.de>
parents:
995
diff
changeset
|
244 end |
989
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
245 else |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
246 return http_response(event, 405, "Invalid method.") |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
247 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
248 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
249 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
250 local function handle_user_deletion(event) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
251 local user, hostname = event.username, event.host |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
252 if hostname == module.host then hashes:remove(user) end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
253 end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
254 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
255 -- Set it up! |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
256 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
257 hashes = datamanager.load("register_json", module.host, "hashes") or hashes ; setmt(hashes, hashes_mt) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
258 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
259 module:provides("http", { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
260 default_path = base_path, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
261 route = { |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
262 ["GET /"] = handle_req, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
263 ["POST /"] = handle_req, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
264 ["GET /verify/*"] = handle_verify, |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
265 ["POST /verify/*"] = handle_verify |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
266 } |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
267 }) |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
268 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
269 module:hook_global("user-deleted", handle_user_deletion, 10); |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
270 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
271 -- Reloadability |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
272 |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
273 module.save = function() return { hashes = hashes } end |
7c04c5856daa
mod_register_json: major code overhaul into a token based registration & verification system.
Marco Cirillo <maranda@lightwitch.org>
parents:
diff
changeset
|
274 module.restore = function(data) hashes = data.hashes or { _index = {} } ; setmt(hashes, hashes_mt) end |